04/04: services: openssh: Add escape hatch.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

04/04: services: openssh: Add escape hatch.

From:	guix-commits
Subject:	04/04: services: openssh: Add escape hatch.
Date:	Thu, 17 Jan 2019 11:58:47 -0500 (EST)

rekado pushed a commit to branch master
in repository guix.

commit 65cd70ce42d4a46a65f284cbd1386e3e169383e4
Author: Ricardo Wurmus <address@hidden>
Date:   Thu Jan 17 17:53:57 2019 +0100

    services: openssh: Add escape hatch.
    
    * gnu/services/ssh.scm (<openssh-configuration>)[extra-content]: New field.
    * doc/guix.texi (Networking Services): Document it.
---
 doc/guix.texi        | 13 +++++++++++++
 gnu/services/ssh.scm | 10 ++++++++++
 2 files changed, 23 insertions(+)

diff --git a/doc/guix.texi b/doc/guix.texi
index ee7cf1d..245a18b 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -12644,6 +12644,19 @@ This is a symbol specifying the logging level: 
@code{quiet}, @code{fatal},
 @code{error}, @code{info}, @code{verbose}, @code{debug}, etc.  See the man
 page for @file{sshd_config} for the full list of level names.
 
address@hidden @code{extra-content} (default: @code{""})
+This field can be used to append arbitrary text to the configuration file.  It
+is especially useful for elaborate configurations that cannot be expressed
+otherwise.  This configuration, for example, would generally disable root
+logins, but permit them from one specific IP address:
+
address@hidden
+(openssh-configuration
+  (extra-content "\
+Match Address 192.168.0.1
+  PermitRootLogin yes"))
address@hidden example
+
 @end table
 @end deftp
 
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index bb94c5f..97b7f3c 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -3,6 +3,7 @@
 ;;; Copyright © 2016 David Craven <address@hidden>
 ;;; Copyright © 2016 Julien Lepiller <address@hidden>
 ;;; Copyright © 2017 Clément Lassieur <address@hidden>
+;;; Copyright © 2019 Ricardo Wurmus <address@hidden>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -323,6 +324,12 @@ The other options should be self-descriptive."
   (log-level             openssh-configuration-log-level
                          (default 'info))
 
+  ;; String
+  ;; This is an "escape hatch" to provide configuration that isn't yet
+  ;; supported by this configuration record.
+  (extra-content         openssh-configuration-extra-content
+                         (default ""))
+
   ;; list of user-name/file-like tuples
   (authorized-keys       openssh-authorized-keys
                          (default '()))
@@ -471,6 +478,9 @@ of user-name/file-like tuples."
             (match-lambda
               ((name command) (format port "Subsystem\t~a\t~a\n" name 
command)))
             '#$(openssh-configuration-subsystems config))
+
+           (format port "~a\n"
+                   #$(openssh-configuration-extra-content config))
            #t)))))
 
 (define (openssh-shepherd-service config)

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (11b68c9 -> 65cd70c), guix-commits, 2019/01/17
- 02/04: scripts: Fix typo., guix-commits, 2019/01/17
- 01/04: gnu: ghc-8: Patch ghc-pkg for reproducibility., guix-commits, 2019/01/17
- 03/04: gnu: ghc-cryptonite: Disable tests., guix-commits, 2019/01/17
- 04/04: services: openssh: Add escape hatch., guix-commits <=

Prev by Date: 03/04: gnu: ghc-cryptonite: Disable tests.
Next by Date: 02/02: hydra: sysadmin: Permit root login from head node.
Previous by thread: 03/04: gnu: ghc-cryptonite: Disable tests.
Next by thread: branch master updated (29f0bb0 -> a4b9798)
Index(es):
- Date
- Thread